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AMENDMENTS TO THE CLAIMS: 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1. (currently amended) An apparatus to be connected between a network access unit 
and a network to be protected, for protecting legitimate traffic from DoS (denial of service) and 
DDoS (distributed denial of service) attacks, said apparatus comprising: 

a high-priority queue; 

a low-priority queue; 

a queue information table having, for each specific STT (source-based traffic trunk), 
previous load information, and 

a service queue for a specific packet having the specific STT, wherein the 
service queue is the high-priority queue or the low-priority queue; 

a packet classifier for receiving a packet from the network access unit, searching the queue 
information table for a service queue associated with an STT of the received packet, selectively 
transferring the received packet to the high-priority queue or the low-priority queue in accordance 
with the service queue, ; 

a queue coordinator for receiving information on the received packet from the packet 
classifier, and updating the service queue associated with the STT of the received packet in the 
queue information table based on (i) a load of the STT of the received packet and (ii) the previous 
load information stored in the queue information table in association with the STT of the received 
packet ; and 

a buffer for buffering outputs of the high-priority queue and the low-priority queue and 
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providing the buffered outputs to the network to be protected. 

2. (original) The apparatus of claim 1, wherein the network to be protected 
comprises a server. 

3. (previously presented) The apparatus of claim 1, wherein the information on the 
received packet includes a packet size, a packet arrival time and an STT index representing the STT 
of the received packet. 

4. (previously presented) The apparatus of claim 1, wherein the queue information 
table has fields including: 

an STT ID field, 

a service queue field, 

an average load field, 

a recent load calculation time field, and 

a total packet size field. 

5. (previously presented) The apparatus of claim 1, wherein a maximum load of both 
the high-priority queue and the low-priority queue is set to be a maximum allowable load of the 
network to be protected. 

6. (original) The apparatus of claim 5, wherein the network to be protected 
comprises a server. 

7. (currently amended) A method of protecting legitimate traffic from DoS (denial 
of service) and DDoS (distributed denial of service) attacks by way of an apparatus which is 
connected between a network access unit and a network to be protected and which includes: 
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a queue information table having, for each specific STT (source-based traffic trunk), 
previous load information, and 

a service queue for a specific packet having the specific STT, wherein the 
service queue is a high-priority queue or a low-priority queue, 
a queue coordinator, and 
a packet classifier, 
the method comprising the steps of: 

(a) obtaining, by the packet classifier, an STT (STT R )-_of a packet received from the 
network access unit based on a source IP address of the received packet ; 

(b) searching, by the packet classifier, the queue information table for the service queue 
corresponding to-ST-T- R - the STT of the received packet and checking, by the packet classifier, 
whether the service queue is the high-priority queue or the low-priority queue; 

(c) transferring, by the packet classifier, the received packet to the high-priority queue if 
the service queue is the high-priority queue in the step (b); 

(d) transferring, by the packet classifier, the received packet to the low-priority queue if 
the service queue is the low-priority queue in the step (b); 

(e) transferring, by the packet classifier, packet information on the received packet to 
the queue coordinator; and 

(f) updating, by the queue coordinato r and based on a load of STT R , the service queue 
associated wifh-ST-T- R - the STT of the received packet in the queue information table , wherein said 
updating is based on (i) a load of the received packet and (ii) the previous load information stored in 
the queue information table in association with the STT of the received packet . 

8. (original) The method of claim 7, wherein the network to be protected 
comprises a server. 

9. (currently amended) The method of claim 7, wherein the step (f) comprises the 
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following steps performed by the queue coordinator : 

(a') calculating an average load of-STT- R - the STT of the received packet based on the 
packet information transferred from the packet classifier; 

(b') selectively resetting the service queue associated with STT R - the STT of the 
received packet depending on the calculated average load of the STT of the received packetS T-T- R ; 

(c') calculating an average load of the high-priority queue; 

(d) selectively resetting a service queue associated with a certain STT depending on the 
calculated average load of the high-priority queue; and 

(e') storing the selectively reset service queue in the queue information table. 

10. (previously presented) The method of claim 9, wherein the step (e') further 
comprises: 

storing a modified average load in the queue information table. 

11. (previously presented) The method of claim 9, wherein the step (a') further includes 
the steps of: 

(a'l) calculating a total packet size based on the packet information transferred from the 
packet classifier; 

(a'2) checking whether it is time to recalculate the average load; 

(a'3) if it is time to recalculate the average load in the step (a'2), calculating a new 
average load by using (i) a previous average load and (ii) a current average load based on the total 
packet size, and then proceeding to the step (b') ; and 

(a'4) if it is not time to recalculate the average load, proceeding to the step (b'). 

12. (currently amended) The method of claim 11, wherein the packet information 
includes a packet size, a packet arrival time, and an STT index corresponding to the STT of the 
received packetS T-T- R . 



5 



Serial No. 10/535,455 



13. (currently amended) The method of claim 9, wherein the step (b') further includes 
the steps of: 

(b'l) setting the service queue associated with-ST-T- R - the STT of the received packet to be 
the low-priority queue if the calculated average load of-ST-T- R - the STT of the received packet is 
greater than an allowable load when the high-priority queue is in a congested state; 

(b'2) randomly choosing one a first ST T (STIV K which uses the low-priority queue, from 
the queue information table if the service queue associated with-ST-T- R - the STT of the received 
packet is the high-priority queue; 



(b'3) following the step (b'2), setting a service queue associated with-ST-Ts - the randomly 
chosen first STT to be the high-priority queue and the service queue associated with STT R - the 
STT of the received packet to be the low-priority queue if the average load o f STT R - the STT of 
the received packet is greater than that of the randomly chosen first STTS T-T- S ; 

(b'4) randomly choosing a second- eae ST T (STT S ), which uses the high-priority queue, 
from the queue information table if the service queue associated with-ST-T-R - the STT of the 
received packet is the low-priority queue; and 

(b'5) following the step (b'4), setting the service queue associated with-ST-T- R - the STT of 
the received packet to be the high-priority queue and a service queue associated with STTs - the 
randomly chosen second STT to be the low-priority queue if the average load o f STT R - the STT of 
the received packet is smaller than that of the randomly chosen second STTS T-T-s. 

14. (currently amended) The method of claim 9, wherein the step (c') further includes 
the steps of: 

(c'l) determining whether the service queue associated with STT R - the STT of the 
received packet after the selective resetting in the step (b') is the high-priority queue or the low- 
priority queue ; 

(c'2) calculating a total packet size served through the high-priority queue if the service 
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queue associated wifh-ST-T- R - the STT of the received packet is the high-priority queue; 

(c'3) calculating the average load of the high-priority queue if it is time to recalculate the 
average load of the high-priority queue; and 

(c'4) proceeding to the step (d'). 



15. (previously presented) The method of claim 9, wherein the step (d) includes the 
steps of: 

(d'l) obtaining the calculated average load of the high-priority queue from the step (c'); 

(d'2) randomly choosing one STT, which uses the high-priority queue, and setting a 
service queue of the randomly chosen STT to the low-priority queue if the calculated average load 
of the high-priority queue indicates that the high-priority queue is in a congested state; 

(d'3) randomly choosing one STT, which uses the low-priority queue, and setting a 
service queue of the randomly chosen STT to the high-priority queue if the calculated average load 
of the high-priority queue indicates that the high-priority queue is in an idle state; and 

(d'4) proceeding to the step (e') if the calculated average load of the high-priority queue 
indicates that the high-priority queue is in a stable state or when one of the steps of (d'2) and (d'3) 
is performed. 

16. (currently amended) The method of claim 7, wherein the step (f) comprises the 
following steps performed by the queue coordinator: 

(a') calculating an average load of-STT- R - the STT of the received packet based on the 
packet information transferred from the packet classifier; 

(b') selectively resetting the service queue associated with STT R - the STT of the 
received packet depending on the calculated average load of the STT of the received packet STT- R ; 
and 

(c') storing the selectively reset service queue in the queue information table. 
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17. (currently amended) The method of claim 16, wherein the step (b') further 
includes the steps of: 

(b'l) setting the service queue associated wifh-ST-T- R - the STT of the received packet to be 
the low-priority queue if the calculated average load of-ST-T- R - the STT of the received packet is 
greater than an allowable load when the high-priority queue is in a congested state; 

(b'2) randomly choosing a first- ene ST T (STT g), which uses the low-priority queue, from 
the queue information table if the service queue associated wifh-ST-T- R - the STT of the received 
packet is the high-priority queue; 

(b'3) following the step (b'2), setting a service queue associated with-ST-T s - the randomly 
chosen first STT to be the high-priority queue and the service queue associated with STT R - the STT 
of the received packet to be the low-priority queue if the average load o f STT R - the STT of the 
received packet is greater than that of the randomly chosen first STT STT- S ; 

(b'4) randomly choosing a second eae-ST T (STT S ), which uses the high-priority queue, 
from the queue information table if the service queue associated with-ST-T- R - the STT of the 
received packet is the low-priority queue; and 

(b'5) following the step (b'4), setting the service queue associated with-ST-T- R - the STT of 
the received packet to be the high-priority queue and a service queue associated with STT S - the 
randomly chosen second STT to be the low-priority queue if the average load o f STT R - the STT of 
the received packet is smaller than that of the randomly chosen second STTS T-T- S . 

18. (previously presented) The method of claim 17, wherein the step (f) further 
comprises the following steps performed by the queue coordinator after the steps (a') and (b') and 
before the step (c'): 

(d) calculating an average load of the high-priority queue; and 

(e') selectively resetting a service queue associated with a certain STT depending on the 
calculated average load of the high-priority queue. 
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19. (previously presented) The method of claim 18, wherein the step (e') includes the 
steps of: 

(e' 1) obtaining the calculated average load of the high-priority queue from the step (d'); 

(e'2) randomly choosing one STT, which uses the high-priority queue, and setting a 
service queue of the randomly chosen STT to the low-priority queue if the calculated average load 
of the high-priority queue indicates that the high-priority queue is in a congested state; 

(e'3) randomly choosing one STT, which uses the low-priority queue, and setting a 
service queue of the randomly chosen STT to the high-priority queue if the calculated average load 
of the high-priority queue indicates that the high-priority queue is in an idle state; and 

(e'4) proceeding to the step (c') if the calculated average load of the high-priority queue 
indicates that the high-priority queue is in a stable state or when one of the steps of (e'2) and (e'3) is 
performed. 

20. (currently amended) The method of claim 19, wherein the step (d') further 
includes the steps of: 

(d'l) determining whether the service queue associated wifh-ST-T- R - the STT of the 
received packet after the selective resetting in the step (b') is the high-priority queue or the low- 
priority queue; 

(d'2) calculating a total packet size served through the high-priority queue if the service 
queue associated with-ST-T- B - the STT of the received packet is the high-priority queue; 

(d'3) calculating the average load of the high-priority queue if it is time to recalculate the 
average load of the high-priority queue; and 

(d'4) proceeding to the step (e'). 
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